*/
#include "includes.h"
+#include "librpc/gen_ndr/ndr_winreg.h"
static void init_winreg_String(struct winreg_String *name, const char *s)
{
return False;
}
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("GetVersion failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
return True;
}
static BOOL test_CreateKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *handle, char *name, const char *class)
+ struct policy_handle *handle, const char *name,
+ const char *class)
{
struct winreg_CreateKey r;
struct policy_handle newhandle;
return False;
}
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("CloseKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
return True;
}
return False;
}
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("FlushKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
return True;
}
if (!W_ERROR_IS_OK(r.out.result)) {
printf("OpenKey failed - %s\n", win_errstr(r.out.result));
+
return False;
}
struct winreg_Time tm;
NTSTATUS status;
+ printf("Testing EnumKey\n\n");
+
r.in.handle = handle;
r.in.enum_index = 0;
r.in.key_name_len = r.out.key_name_len = 0;
if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
struct policy_handle key_handle;
+ printf("EnumKey: %d: %s\n", r.in.enum_index, r.out.out_name->name);
+
if (!test_OpenKey(
p, mem_ctx, handle, r.out.out_name->name,
&key_handle)) {
- printf("OpenKey(%s) failed - %s\n",
- r.out.out_name->name,
- win_errstr(r.out.result));
- goto next_key;
+ } else {
+ test_key(p, mem_ctx, &key_handle, depth + 1);
}
-
- test_key(p, mem_ctx, &key_handle, depth + 1);
}
- next_key:
-
r.in.enum_index++;
- } while (W_ERROR_IS_OK(r.out.result));
+ } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("EnumKey failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (!W_ERROR_IS_OK(r.out.result) && !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
+ printf("EnumKey failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
+
+
+ return True;
+}
+
+static BOOL test_QueryValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
+{
+ struct winreg_QueryValue r;
+ NTSTATUS status;
+ uint32 zero = 0;
+ uint32 offered = 0xfff;
+
+ printf("Testing QueryValue\n");
+
+ r.in.handle = handle;
+ r.in.value_name.name = valuename;
+ r.in.type = &zero;
+ r.in.size = &offered;
+ r.in.length = &zero;
+
+ status = dcerpc_winreg_QueryValue(p, mem_ctx, &r);
+ if(NT_STATUS_IS_ERR(status)) {
+ printf("QueryValue failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("QueryValue failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
return True;
}
struct policy_handle *handle, int max_valnamelen, int max_valbufsize)
{
struct winreg_EnumValue r;
- struct winreg_Uint8buf vb;
- struct winreg_EnumValueName vn;
- uint32_t type = 0, requested_len = max_valbufsize, returned_len = 0;
- NTSTATUS status;
+ uint32 type = 0;
+ uint32 size = max_valbufsize, zero = 0;
+ BOOL ret = True;
+ uint8_t buf8;
+ uint16_t buf16;
- r.in.handle = handle;
- r.in.enum_index = 0;
- r.in.type = &type;
- r.in.requested_len = &requested_len;
- r.in.returned_len = &returned_len;
- vn.max_len = 0;
- vn.len = 0;
- vn.buf = NULL;
- r.in.name = r.out.name = &vn;
- vb.max_len = max_valbufsize;
- vb.offset = 0x0;
- vb.len = 0x0;
- vb.buffer = NULL;
- r.in.value = &vb;
+ printf("testing EnumValue\n");
+ r.in.handle = handle;
+ r.in.enum_index = 0;
+ r.in.name_in.length = 0;
+ r.in.name_in.size = 0x200;
+ r.in.name_in.name = &buf16;
+ r.in.type = &type;
+ r.in.value = &buf8;
+ r.in.length = &zero;
+ r.in.size = &size;
+
do {
- status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
+ NTSTATUS status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
if(NT_STATUS_IS_ERR(status)) {
printf("EnumValue failed - %s\n", nt_errstr(status));
return False;
}
+
+ if (W_ERROR_IS_OK(r.out.result)) {
+ ret &= test_QueryValue(p, mem_ctx, handle, r.out.name_out.name);
+ }
+
r.in.enum_index++;
} while (W_ERROR_IS_OK(r.out.result));
printf("EnumValue failed - %s\n", win_errstr(r.out.result));
return False;
}
-
- return True;
+
+ return ret;
}
static BOOL test_OpenHKLM(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
unknown.unknown0 = 0x84e0;
unknown.unknown1 = 0x0000;
r.in.unknown = &unknown;
- r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.in.access_required = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.handle = handle;
status = dcerpc_winreg_OpenHKLM(p, mem_ctx, &r);
return False;
}
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("OpenHKLM failed - %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
return ret;
}
unknown.unknown0 = 0x84e0;
unknown.unknown1 = 0x0000;
r.in.unknown = &unknown;
- r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.in.access_required = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.handle = handle;
status = dcerpc_winreg_OpenHKU(p, mem_ctx, &r);
unknown.unknown0 = 0x84e0;
unknown.unknown1 = 0x0000;
r.in.unknown = &unknown;
- r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.in.access_required = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.handle = handle;
status = dcerpc_winreg_OpenHKCR(p, mem_ctx, &r);
struct winreg_InitiateSystemShutdown r;
NTSTATUS status;
+ init_winreg_String(&r.in.hostname, NULL);
init_winreg_String(&r.in.message, msg);
r.in.flags = 0;
r.in.timeout = timeout;
{
struct winreg_AbortSystemShutdown r;
NTSTATUS status;
- uint16 server = 0x0;
+ uint16_t server = 0x0;
r.in.server = &server;
unknown.unknown0 = 0x84e0;
unknown.unknown1 = 0x0000;
r.in.unknown = &unknown;
- r.in.access_required = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.in.access_required = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.handle = handle;
status = dcerpc_winreg_OpenHKCU(p, mem_ctx, &r);
if (!test_EnumKey(p, mem_ctx, handle, depth)) {
}
- if (!test_EnumValue(p, mem_ctx, handle, 200, 200)) {
+ if (!test_EnumValue(p, mem_ctx, handle, 0xFF, 0xFFFF)) {
}
- /* Enumerate values */
-
test_CloseKey(p, mem_ctx, handle);
return True;
BOOL ret = True;
winreg_open_fn *open_fn = (winreg_open_fn *)fn;
- if (!open_fn(p, mem_ctx, &handle))
+ if (!open_fn(p, mem_ctx, &handle)) {
return False;
+ }
if (!test_CreateKey(p, mem_ctx, &handle, "spottyfoot", NULL)) {
printf("CreateKey failed\n");
return ret;
}
-BOOL torture_rpc_winreg(int dummy)
+BOOL torture_rpc_winreg(void)
{
NTSTATUS status;
struct dcerpc_pipe *p;